diff options
Diffstat (limited to 'server/middlewares/validators/users.ts')
-rw-r--r-- | server/middlewares/validators/users.ts | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts new file mode 100644 index 000000000..a9149fe1b --- /dev/null +++ b/server/middlewares/validators/users.ts | |||
@@ -0,0 +1,84 @@ | |||
1 | const db = require('../../initializers/database') | ||
2 | import { checkErrors } from './utils' | ||
3 | import { logger } from '../../helpers' | ||
4 | |||
5 | function usersAddValidator (req, res, next) { | ||
6 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() | ||
7 | req.checkBody('password', 'Should have a valid password').isUserPasswordValid() | ||
8 | req.checkBody('email', 'Should have a valid email').isEmail() | ||
9 | |||
10 | logger.debug('Checking usersAdd parameters', { parameters: req.body }) | ||
11 | |||
12 | checkErrors(req, res, function () { | ||
13 | db.User.loadByUsernameOrEmail(req.body.username, req.body.email, function (err, user) { | ||
14 | if (err) { | ||
15 | logger.error('Error in usersAdd request validator.', { error: err }) | ||
16 | return res.sendStatus(500) | ||
17 | } | ||
18 | |||
19 | if (user) return res.status(409).send('User already exists.') | ||
20 | |||
21 | next() | ||
22 | }) | ||
23 | }) | ||
24 | } | ||
25 | |||
26 | function usersRemoveValidator (req, res, next) { | ||
27 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() | ||
28 | |||
29 | logger.debug('Checking usersRemove parameters', { parameters: req.params }) | ||
30 | |||
31 | checkErrors(req, res, function () { | ||
32 | db.User.loadById(req.params.id, function (err, user) { | ||
33 | if (err) { | ||
34 | logger.error('Error in usersRemove request validator.', { error: err }) | ||
35 | return res.sendStatus(500) | ||
36 | } | ||
37 | |||
38 | if (!user) return res.status(404).send('User not found') | ||
39 | |||
40 | if (user.username === 'root') return res.status(400).send('Cannot remove the root user') | ||
41 | |||
42 | next() | ||
43 | }) | ||
44 | }) | ||
45 | } | ||
46 | |||
47 | function usersUpdateValidator (req, res, next) { | ||
48 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() | ||
49 | // Add old password verification | ||
50 | req.checkBody('password', 'Should have a valid password').optional().isUserPasswordValid() | ||
51 | req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid() | ||
52 | |||
53 | logger.debug('Checking usersUpdate parameters', { parameters: req.body }) | ||
54 | |||
55 | checkErrors(req, res, next) | ||
56 | } | ||
57 | |||
58 | function usersVideoRatingValidator (req, res, next) { | ||
59 | req.checkParams('videoId', 'Should have a valid video id').notEmpty().isUUID(4) | ||
60 | |||
61 | logger.debug('Checking usersVideoRating parameters', { parameters: req.params }) | ||
62 | |||
63 | checkErrors(req, res, function () { | ||
64 | db.Video.load(req.params.videoId, function (err, video) { | ||
65 | if (err) { | ||
66 | logger.error('Error in user request validator.', { error: err }) | ||
67 | return res.sendStatus(500) | ||
68 | } | ||
69 | |||
70 | if (!video) return res.status(404).send('Video not found') | ||
71 | |||
72 | next() | ||
73 | }) | ||
74 | }) | ||
75 | } | ||
76 | |||
77 | // --------------------------------------------------------------------------- | ||
78 | |||
79 | export { | ||
80 | usersAddValidator, | ||
81 | usersRemoveValidator, | ||
82 | usersUpdateValidator, | ||
83 | usersVideoRatingValidator | ||
84 | } | ||